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Covariant-contravariant simulation and conformance simulation generalize plain simulation and try 
to capture the fact that it is not always the case that "the larger the number of behaviors, the better". 
We have previously studied their logical characterizations and in this paper we present the axiomati- 
zations of the preorders defined by the new simulation relations and their induced equivalences. The 
interest of our results lies in the fact that the axiomatizations help us to know the new simulations 
better, understanding in particular the role of the contravariant characteristics and their interplay with 
the covariant ones; moreover, the axiomatizations provide us with a powerful tool to (algebraically) 
prove results of the corresponding semantics. But we also consider our results interesting from a 
metatheoretical point of view: the fact that the covariant-contravariant simulation equivalence is in- 
deed ground axiomatizable when there is no action that exhibits both a covariant and a contravariant 
behaviour, but becomes non-axiomatizable whenever we have together actions of that kind and either 
covariant or contravariant actions, offers us a new subtle example of the narrow border separating ax- 
iomatizable and non-axiomatizable semantics. We expect that by studying these examples we will 
be able to develop a general theory separating axiomatizable and non-axiomatizable semantics. 

1 Introduction and some related work 

Simulations are a very natural way to compare systems defined by labeled transition systems or other 
related mechanisms based on describing the behavior of states by means of the actions they can execute 
|[T9l . They aim at comparing processes based on the simple premise "you are better if you can do as 
much as me, and perhaps some other new things". This assumes that all the executable actions are 
controlled by the user (no difference between input and output actions) and does not take into account 
that whenever the system has several possibilities for the execution of an action it will choose in an 
unpredictable internal way, so that more possibilities means less control. 

In order to cope with these limitations one should consider adequate versions of simulation where 
the characteristics of actions and the idea of preferring processes that are less non-deterministic are 
taken into account. This leads to two new notions of simulation: covariant-contravariant simulation 
and conformance simulation that we roughly sketched in ifTOl and presented in detail in lfl2l . where we 
proved that they can be presented as particular instances of the general notion of categorical simulation 
developed by Hughes and Jacobs lfl4l . 

Certainly, the distinction between input and output actions or similar classifications is not meant to 
be new at all and, for instance, they were present in modal transition systems as early as the end of the 
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eighties. They also play a central role in I/O-automata [18] and more recently appear as component of 
several works on interface automata (7J[l5l, where one finds the covariant-contravariant distinction when 
the guarantees of the specification can only be assumed if the conditions of the specification are satisfied. 

Concerning conformance simulation, the first related references are also quite old ifTTl l2ll . corre- 
sponding to the notion of conformance testing, which is close to failure semantics H. However, it is a 
bit surprising that in both cases we lack a basic theory where these notions are presented in a simplified 
scenario, stressing their main characteristics and properties. We think that the theory of semantics for 
processes, and particularly the simulation semantics, is a perfect field in which to develop that basic 
theory. This has been already proved in 02L where our new simulation semantics were shown to be 
categorical simulations, thus inheriting all their good properties for free. 

In ifm we have also briefly presented the logical characterizations of the two semantics. Now that we 
already know quite well the behaviour of the two new notions of simulation we can give their algebraic 
presentation. By the way, although in our previous works on the unified study of process semantics the 
(classical) co variant character of all the actions had several important consequences, mainly represented 
by the extremely simple and easy to apply basic axiom for simulation (S) x C x + y (or equivalently, just 
E y), we have been able to borrow from (U [Q El several ideas about the axiomatization of process 
semantics that, although not directly applicable due to the special characteristics of the new semantics, 
can be adequately adapted. 

However, not all of the simple and nice results for the algebraic theory of plain (covariant) simulation 
can be extended to the general covariant-contravariant case. In particular, in order to obtain the maximal 
genericity, when we defined covariant-contravariant simulations in |[T2l we admitted not only both co- 
variant and contravariant actions, but also other actions with a bivariant nature. This decision was taken 
because when presenting a general theory of categorical simulations in lfl4t J. Hughes and B. Jacobs 
already noticed that bisimulation was a particular (in fact, trivial) example of simulation semantics. It 
was also clear that inverse simulation (namely, contravariant simulation) was also another example, and 
then we were able to prove that our general covariant-contravariant simulation was another categorical 
simulation that smoothly combines bisimulation, plain (covariant) simulation and inverse (contravariant) 
simulation. 

Obviously, plain bisimulation has a simple axiomatization, as is the case for plain simulation; we will 
see in this paper that the preorder defined by our covariant-contravariant simulation can also be finitely 
axiomatized. When we considered the induced equivalence, we found indeed a finite axiomatization for 
the case in which there are no bivariant actions (actions that can be considered as both input and output) 
in our alphabet. The axiomatization and its completeness proof were obtained by adapting the general 
techniques in [ 8 , 9 ] for the covariant case to our more general covariant-contravariant scenario. However, 
as soon as a single bivariant action is introduced, and at least one non-bivariant one is also present, then 
the equational theory of covariant-contravariant simulation equivalence becomes non-finitely axiomatiz- 
able, and in fact the proof of this result is extraordinarily simple. 

Even if this is a negative result, we think that it will contribute to enlight the narrow border separating 
axiomatizable and non-axiomatizable process theories, which we expect to continue exploring in the 
future. 

There is a large collection of recent papers where notions close to those studied here are either 
developed or applied; a detailed comparison will appear elsewhere. However, we insist on the fact that 
we were not able to find a basic study where the main results on process theory had been extended to a 
framework containing any contravariant characteristics, although it is true that some small contributions 
along this direction can be found in some of these papers. We plan to develop a thorough compilation 
of the works on this topic by isolating the places where our foundational study could help to understand 
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the different developments, as well as looking for applications and new enhancements to our theory that 
could be of use to relate all the disconnected work on the area. In turn, we hope that this will also provide 
us with some intuition to understand those results and produce new formal techniques to obtain proofs 
of those, or other interesting results in the area. So, simply to give a hint, a sample of those works would 
include 012 M 121. 



2 Preliminaries 

In this section we summarize some definitions and concepts from (6) [121 and introduce the notation we 
are going to use. 

Let us recall our two new simulation notions: 

Definition 1 Given P = (P,A,— >•/>) and Q = (Q,A,—>q), two labeled transition systems (LTS) for the 
alphabet A, and {A r ,A ,A h '} a partition of this alphabet, a (A r \A l )-simulation (or just a covariant- 
contravariant simulation) between them is a relation S QP x Q such that for every pSq we have: 

• For all a € A' ' U A bl and all p — ^ p' there exists q — q' with p'Sq' . 

• For all a € A 1 UA bl , and all q — q' there exists p p' with p'Sq'. 

We will write p <cc <7 if there exists a covariant-contravariant simulation S such that pSq. 

This definition combines the requirements of plain simulation, for some of the actions, with those of 
plain "anti-simulation", for some of the remaining actions, imposing both on so-called bivariant actions. 

Definition 2 Given P = (P,A, — >p) and Q = (Q,A,— >q) two labeled transition systems for the alphabet 
A, a conformance simulation between them is a relation R CP x Q such that whenever pRq, then: 

• For all a € A, if p — then q — ( this means, using the usual notation for process algebras, that 

/(<?)). 

• For all a € A such that q — > q' and p — >, there exists some p' with p — > p' and p'Rq'. 
We will write p <cs <1 if there exists a conformance simulation R such that pRq. 

The first clause of the definition guarantees that Q has at least all the behaviors of P, allowing to "im- 
prove" a process by extending the set of actions it offers, whereas the second clause establishes that a 
process can be "improved" by reducing the nondeterminism in it. 

Let us recall that the set BCCSP(A) of basic processes for the alphabet A is defined by the BNF- 
grammar 

p ::= | ap \ p + p 
where a G A. The operational semantics for BCCSP terms is defined by 

a . i a / 

u y T P a i a , 

p + q — >p p + q — >q 

With these operators we can only define finite processes; however, it is well known that these operators 
capture the essence of any transition system, which can be defined by a system of equations specifying 
the behavior of each state. (The axioms for recursive processes, other interesting extensions including 
the communication operators, and possibly some others, are left for future work.) 
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3 Axiomatization of the new simulation preorders 

In this section we present a finite axiomatization of the two preorders for basic finite processes induced 
by our new kinds of simulation. 

3.1 Covariant-contravariant semantics 

We consider a partition {A r ,A l ,A b '} of the alphabet A, with actions that have either a covariant nature, 
or contravariant, or both at the same time. Contravariant simulation <^ 1 is just the inverse of plain 
simulation and therefore can be trivially axiomatized by inverting the axiom for plain simulation 

(S) xQx + y, 

thus obtaining 

(S^ 1 ) x + yQx. 

In order to produce an axiomatization of covariant-contravariant simulation we need to combine in 
an adequate way these two axioms, by constraining each of them to the case in which the added process 
y only offers actions with the corresponding covariant or contravariant character. Hence we obtain: 

(S r ) I(y) CA r ^x^x+y. 

(S" 1 '') I(y) QA l ^x + yQx. 

We can omit the conditions in these two axioms by considering two generic actions a r G A r and ai G A 1 : 

(Sp xQx + a r y. 

(Sp) x + aiy C x. 

Note that actions in A hl do not appear in the axioms above, although they could be included in the 
processes instantiating the variables x and y. This is an immediate consequence of the fact that their 
behavior corresponds to that governed by bisimulation, so that we need not add any new axiom to those 
capturing the bisimilarity relation: 

(Bi) x + y = y + x. 

(B 2 ) {x + y)+z=x+{y + z). 

(B3) x + x = x. 

(B 4 ) x + = x. 

We will use these axioms implicitly in the remainder of this paper. 

Proposition 1 The (A r ' ,A 1 )-simulation preorder can be axiomatically defined by means of the set of 
axioms {Bi, B 2 , B 3 , B A ,S r p ,S l p }. 

Proof. First we prove that the axioms (Sp and (S l p ) are sound for the (A r , A 1 ) -similarity relation <cc- 
Indeed: 

• For all a£A r U A hl , if x —> x' then x + a r y —> x' and x' <cc * ' ■ 

• For all a G A 1 U A bl , if x + a r y x 1 , then x x' and x' < C c x! ■ Note that a / a r since A r n (A 1 U 
A bi ) = 0. 

• For all a G A r U A hl , if x + aiy —> x' then x xf and xf <cc as above, because a^ai again. 
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• For all a G A 1 U A hl , if x x', then x + aiy —?> x' and x' <cc x' ■ 

To prove completeness we consider p <cc q and reason by structural induction on p. 

• If p is then I(q) C A r , since p cannot simulate any action in A 1 L)A hl . Then q = ^a r q r and we 
can apply (S r p ) to each summand in turn to get OQq. 

• Let us consider p = (£a r p r + Y<aiPi+Y< a bPb), distinguishing the summands of p which start with 
actions in either A r , A 1 or A hl . We decompose q in the same way to obtain q = (Y,b r q r + YJo\qi + 
Y,bbqb)- Then: 

- For every a r there exists b r , with a r = b r , such that p r <cc q r and, by induction hypothesis, 
Pr E qr- Then Y* a rPr E Y*b r qr- It could be the case that some summands of Y*b r q r are never 
used to simulate any of the transitions of p, but then we can add all those summand by using 
(Sp), to derive Y* a rPr E Y*b r q r - 

- For the summands Y* a iPi and Y*biqi we can argue in exactly the same way, but starting with 
the righhand side and using (S^) instead of (S r p ), to conclude now Y* a lPl E YJ°iqi- 

- Finally, using standard arguments for bisimulation, we can establish a full correspondence 
between the summands Y* a bPb and YJ°bqb, having ab = bb and pb <cc qb, and by induction 
hypothesis we prove Y* a bPb E J^bbqb, thus concluding the proof. □ 

3.2 Conformance semantics 

Conformance simulation combines in a curious manner the features of both ordinary (covariant) and 
inverse (contravariant) simulation: the addition of new capabilities is always considered beneficial but, 
when an action is already offered, new ways to execute it are avoided since this leads to a more non- 
deterministic process. 

To capture the first situation we need a variant of the axiom (S) characterizing ordinary simulation: 

(S C s) I(p)ni(q)=®^p^p + q. 
For the latter, we instantiate the axiom (S _1 ) obtaining 

(S^ 1 ) I(q)^I(p)^P + qQp, 
which can be equivalently stated as 

(S c j p ) ap + aq Qap. 

There is, however, an important drawback: conformance simulation is not a precongruence because 
it is not always preserved by +. Indeed, <cs ®b and ac <cs ac, but not ac <cs ab + ac. Fortunately, 
to obtain a satisfactory algebraic treatment of the conformance order it is enough to consider the weak- 
est precongruence contained in it, as is done for weak bisimulation and the corresponding observation 
congruence. Let us simply replace the axiom (Scs) by its guarded version 

(S CS , g ) I(p)nl(q)=<d^a P ra(p + q). 

Definition 3 We define the conformance precongruence relation p <£ s q by 

P^cs a (P^csq and I (p) 2 I (q))- 
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Note that the condition I(p) D I(q) is not imposed recursively but just on the initial states of the 
processes, which corresponds to the fact that the (once) guarded axiom (Scs, g ) becomes sound for the 
classical substitution calculus, in order to characterize the conformance precongruence <£ s . 

Proposition 2 If the set of actions A is infinite, then the precongruence relation < p s is the coarsest 
precongruence contained in <cs- 

Proof. Obviously, we have <£ 5 C <cs- If there were a larger precongruence, there would exist p and 

ab 

q with p <cs q but I(q) % I(p): then, taking a € I(q) \I(p) and b G A such that q /— s> we would have 
ab + p %cs ab + q (since ab % C S 4)- 

Finally, both the prefix operator and + preserve < p cs : 

• If P l^cs 1' tnen a P ~cs aa since l{ a P) = l{ ac i) = W> an(1 f° r a 1 ~^ 1 we nave a P ~^ P with 

P Zcs 1- 

• If P ^Scs a > tnen a P + r Hcs ac l + r since I(ap + r) = I(aq + r) = I(r) U {a}, and for aq + r q 
we have ap + r p with p <^ s q and, whenever aq + r r' with r r', we trivially have 
ap + r r 1 . □ 

Proposition 3 The set of axioms s^cs = {Bi, B2, B3, B4, Scs,g, $cs p} * s complete for the conformance 
precongruence relation < p s . 

Proof. We show by induction on the depth of p that, whenever p < p cs q (resp. bp < p cs bq), we have 
£?cs (resp. sf C s \~bpQ bq). 

• If < p cs q, then also q = and 0^0 using (S^ ). 

• If M) < p cs bq, then we can apply (Scs,g) with p = 0. 
Let us now consider p = Z ai ei( P ) a iPij and 1 = L ai ei(q) a m- 

• If P <cs 9 tnen !(p) = K<l) and P tf, so for each q ik there is some with p tj < cs and 
therefore we can apply the second induction hypothesis to conclude that aipij C 0,-^. It is possible 
that some summands pij will be paired with no q& in the step above, but then we can apply the 
axiom (S^ Sp ) to them to conclude the proof. 

• Assume that bp < p s bq. If /(/?) = I(q) then we also have p < p s q and this corresponds to the 
situation above. However, in this case we could have I(p) C I(q) ; then q = q' + r, with r the 
summands Ea ( e/(?)\/fp) a ;#i)b = ^(V)> and P and nence P E Now, we conclude the 
proof by applying the axiom (Scs,g) to q' and r. □ 

4 Axiomatization of the new simulation equivalences 

Next we discuss the axiomatizability of the equivalences induced by covariant-contravariant and confor- 
mance simulations, obtaining a finite axiomatization for the latter, and also for the first, but only when 
the set A bl of bivariant actions is empty. Instead, we also present the impossibility result proving that 
covariant-contravariant simulation is not axiomatizable if we have A hl 7^ and A r U A 1 / 0. 
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4.1 Covariant-contravariant simulation 

Let us first consider the case in which A = 0. In order to axiomatize the equivalence =£ c induced by 
(A r , A 1 ) -simulation we apply the general procedure introduced in (2l[T][8l, based on the characterization 

p=sp + q^=>q<sp ■ 

Thus we obtain: 

(Sl=) a r (x+b r y) = a r (x + b r y) + a r x. 

(S2=) a r x = a r x + a r {x + biy) . 
Obviously, the characterization above becomes unsound when contravariant prefixes appear because the 
pure contravariant simulation satisfies 

q= s l p + q^=?q< s l p . 

Therefore, we must reverse the inequalities above to obtain the adequate axioms for contravariant pre- 
fixes: 

(S3=) aix = aix + ai(x + b r y). 

(S4£f) ai(x + biy)=ai(x+biy) + aix. 
Now we would expect the set of axioms stf^ c = {Bi, B2, B3, B4,Sll',S2l',S3l', S4= } to axiomatize 
(A r ,A')-simulation equivalence. Certainly, all the axioms in this set are sound; in order to prove com- 
pleteness in the absence of actions A b \ we start by stating the following lemma that gives us two useful 
derived axioms. 

Lemma 1 The following equalities are derivable: 

{S1|',S2|'}I- a r {x + p r )=a r {x + p r )+a r (x + pi) (DS1|') 
{S3*' , S4|' } h ai (x+ pi) = ai (x+ pi) + a,(x + p r ) (DS2|') 

where p r (resp. pi) denotes any process prefixed by actions inA r (resp. A 1 ); more formally, p r = Y.iei^rPi 
(resp. pi ='L je ja J l Pj). 

Proof. We only show the case of (DS1=). We start by proving that a r {x + p r ) = a r (x + p r ) + a r x by 
induction over the size |/| of /. 

• If \l\ = 0, the result is trivial. 

• If |/| = 1, we immediately obtain the result by applying the axiom (Sl= ). 

• For |/| > 1, we take I = I' U {/} with |/'| = |/| — 1. Note that a r (x + p r ) = a r ((x + p' r ) + a' r pi) so 
that, applying axiom (Sl= ), we obtain 

a r (x + p r ) = a r ((x + p' r ) + a' r Pi)+a r (x + p' r ) = a r (x + p r ) +a r (x + p' r ). 

Using the induction hypothesis with the term a r (x + p' r ) leads to 

a r (x + p r ) = a r (x + p r ) + a r (x + p' r ) + a r x, 

and, reusing the equality a r {x + p r ) +a r {x + p' r ) = a r (x + p r ) above, we obtain 

a r {x + p r ) = a r {x + p r ) + a r x (1) 

as desired. 
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Now, we can analogously prove the equality 

a r x = a r x + a r (x + pi). (2) 
Replacing a r x in equation [Qby the righthand side of equation |2]produces 

a r (x + p r ) = a r (x+ p r ) A-a r x + a r {x + pi) 
and, applying equation Q] again, we finally obtain (DSl^): 

a r (x + p r ) = a r (x + p r ) + a r (x + pi). 

□ 

For the main proof we have to adapt the classic technique for the completeness of the axiomatization 
of the plain simulation semantics (p <$ 1 implies I - q = P + ?)> taking into account the difference 
between covariant and contravariant actions. For technical reasons we need to consider a "free" arbitrary 
term r. 

Proposition 4 If p <cc q then, for all processes r: 

^cc ^ a r(q + r) = a r (q + r) + a r (p + r) 

and 

^cc ^ a l{P + r ) = ai{p + r)+ai(q + r). 

Proof. We proceed by induction on the depth of p. We start by decomposing both p and q as follows: 
P = Pr+Pl, q = q r + qi, where p r = £ te/pr a l r p h p l = £ iG/p; a]p h q r = £ te/?r a' r qi and qi = £ !e/?; a\q { . 
Then, it is clear that the depths of both p r and p\ are less or equal than the depth of p and besides we 
have p < cc q p r <cc <7r A pi < C c qi- 

Next, let us consider p r <cc q/- this is an instance of the hypothesis of the statement to prove, which 
corresponds to the particular case in which I(p) Ul(q) C A r . Then, we need to prove both 

^cc ^ a r{q + r) = a r (q + r) + a r (p + r) 

and 

s$(r c h a t (p + r) =ai(p + r)+ai(q + r). 
Let us consider in detail the second statement. 

• If p = 0, it follows that .stf^ c h a\r = air+ai(q + r) by an application of the equation (DS2=), with 
pi = 0, x = r, and p r = q. 

• If p = Y,iei a 'rP'i an d q = HieJ a 'rP'i' from p <cc q it follows, without loss of generality, that / C 
/ = / U /' and then we take J = I U J 1 with J' chosen such that / n / = 0, with p\ < cc q\ for all 
i € /. Now, by induction hypothesis, h a\.q\ = a\q\-\- a' r p';. Next we obtain s^q C h Y*iei a Wi = 
Hiei a Wi + P an d hence, by adding Yiief a Wi to both sides, s$q C h q = q +p, by congruence, we 
have \~q + r = q + p + r. Now, by applying (DS2= ) with x = p + r, /;>/ = 0, and p r = g, we 
obtain g/^. h ai(p + r) = ai(p + r) + ai{p + r + q) which, combined with the previous equation, 
finally leads to s^^ c hfl;(p + r) = ai(p + r) +ai(q + r). 



I. Fabregas, D. de Frutos Escrig & M. Palomino 



9 



The first statement above is proved in a similar way, and the ones arising from pi < qi can be dealt 
with analogously. 

To conclude, we consider the general case p <cc q- By applying the results obtained above, starting 
from both p r < cc q r and p t < cc qi, we have 

s^q C h a r (q r + r)= a r {q r + r) + a r (p r + r) 

and 

■^cc^ a r (qi + r) = a r {qi + r) + a r {pi + r) . 
In particular, making r equal to q\ + r 3 in the first equality: 

srfrf c h a r (q r + qi + r') = a r (q r + qi + r') + a r (p r + qi + r') . 

(It is at this point that the "free" variable r in the statement is needed, so as to be able to proceed by 
instantiating it in a suitable manner). Now, instantiating r with p r + r' in the second derived equation: 

i4r I" a r (p r + qi + r) = a r (p r + qi + r') + a r (p r + pi + r). 

If we now combine the last two equations we can obtain 

^cc !~ a Mr + qi + r ) = a r (q r + qi + r) + a r (p r + pi+ r), 

and, since r 1 is arbitrary, we finally get 

^cc !~ a r {q + r) = a r (q + r) + a r (p + r) . 

We can proceed in a similar way for ai, thus obtaining 

^cc *rai{p + r) = a t (p + r) +a t (q + r). 

And this concludes the proof. □ 

The main theorem is now at hand. 

Theorem 1 Whenever A = A r U A 1 , the set of axioms £/= c = {Bi,B 2 ,B 3 ,B 4 ,Sl^,S2^,S3^, SC'} is 
complete for (A r ,A l )-simulation equivalence. 

Proof. Let p =cc q' we need to prove srf^ c h p = q. The proof will follow by induction on the depth of 
P- 

• If p = we obviously have q = 0. 

• Let p = Ziei a rPr + lye/ a \ pj and q = lie/' a Wr + Hjef a \ ?/ ■ Then » 

- for each i € /, there exists some /' G /' with a\ = af r and joj. <cc and 

- for each /' G /' there exists some i" G / with aj.' = af and q^ r <cc Pr ■ 

Obviously, it could be the case that i / /". Then, we could repeat the same argument with i\ = i", 
and with ?2 = i", . . . , to obtain a sequence (i, i\, ?2, . . .). Since |/| < °o, eventually we will find 
i m = i n and, hence, 

- for each i G / we obtain /' G /' and /" G / such that a\ = = » ^cc an d Pr =cc qi ■ 
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Of course, we can repeat the same reasoning starting with f G /' as well as for the contravariant 
summands in a dual way, to obtain the following decompositions: 

P = £4Pr + E a rPr + £ °l'Pl' + E u TpT 

iE/ fceAT ifeX 7 meM 

and, 

? = E fl r?r' + E a ^ + E «f«f + E a /V 

('£/' fcetf k'EK' m'EM' 

where: 

- for all i G /, there exists G A" such that d r = a k and p' r <cc p\\ and 

- for all m G M, there exists k' G iT' such that af = af and pf <cc P n \\ and 

- for all i' G there exists k G K such that aj. = a k and gj.' <cc 9r> an d 

- for all m' €M', there exists G A' such that af = af and qf <cc qf', and 

- for all k £K, p k r = cc q k r ; and 

- for allfc'e K',pf = CC qf ■ 

Then we can apply the induction hypothesis to any pair (p k ,q k ) and also to any pair (pf ' ,qf). To 
conclude the proof we only need to apply Proposition 01 taking r = 0, to any such pairs {p' r) p k r ) 
and (p k ,pf), and analogously for the components of q. □ 

The addition of bivariant actions (assuming that there are already other actions present) changes the 
picture completely. Now, it is no longer possible to axiomatize the equivalence. 

Theorem 2 IfA bi ^ andA r UA 1 ^ 0, then (A r , A 1 ) -simulation equivalence is not finitely axiomatizable. 

Proof. Let us take a& G A bl and, without loss of generality, a r G A' '. We consider the two families of 
processes 

p n = a r a n bi a r and q n = a r a n bi a r + a r alfi, 

where, as usual, we denote by a n bi (with n > 0) the repeated application of the prefix operator aw (n 
times). 

It is easy to check that p n =cc q n - On the one hand, p n <cc 9« trivially; on the other hand, checking 
that q n <cc Pn simply amounts to checking that <cc o-r- (However, note that taking p~ = a n bj a r and 
<7n = a n bi afi + a n bj Q does not lead to p~ =cc q~ ; indeed, p~ %cc 9« because if we start with the first au 
from the second summand of q~ then a n b T ' a r %cc a!j 0.) Now, for any finite axiomatization si , let n 
be bigger than the depth of any term appearing in si; we are going to show that if si is sound for =cc 
then we cannot have si \- p n = q n . 

We will show that if we start with p n and obtain a sequence of equivalent terms p n = p n = p\ = . . ., 
where each term is obtained from the previous one by an application of a single axiom in si , then no 
p ] n can be q n . If we apply an axiom to p n in a position different from its root, then we are transforming 
a subprocess p 1 = a' bj a r 0, with m <n, into some equivalent process q =cc p' ■ If we define q \. m as the 
process obtained by "pruning" q at depth m, the result will be bisimilar to a bj 0, since q cannot execute 
any other action until it executes the prefix a b \ m times and, moreover, it cannot stop in the meantime. In a 
similar way, from q =cc p' we also infer that q |(m + 1 ) ~ p' \, [m + 1 ) and then the obtained p\ satisfies 
p n \. (n + 2) ~ p n . The same argument can be applied starting from any p ] n such that pi | (n + 2) ~ p n , 
so that this invariant is preserved as long as there is no application of an axiom in si at the root of any 
pi 
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Therefore, the only possible way to break this invariant, that obviously is not satisfied by q n , is 
to apply an axiom from stf at the root of some pi. In that case, the lefthand side of such an axiom 
would match several prefixes of the process a,-a™f) and then, following [13], it is easy to see that the 
corresponding axiom has to be correct under bisimulation, too. As a consequence, the process p J n+l 
resulting after the application of the axiom also satisfies p J n+l I (n + 2) ~ p n . Therefore by repeated 
application of the axioms in srf we will never reach a term such as q n , thus concluding srf Y- p n = q n . □ 

Note that the proof would remain valid even if we allowed conditional axioms whose conditions only 
observed the process locally, since the key fact in the proof above is that in order to generate the choice 
at q„ we need to "see from the top" that the two branches below, even if different from each other, can 
be joined to obtain a process equivalent to p n . But the branches cannot be joined bottom up, in a step 
by step fashion, since p~ ^cc On - Therefore, a conditional axiomatization whose conditions observe the 
processes locally would suffer the same problems as a purely equational one. 

4.2 Conformance simulation 

As before, we start by applying to the axioms characterizing < p cs the general procedure presented in 
(9j[T]|8]]. m this case we obtain the following two axioms: 

(Sg s ) I{p)nl{q)=<d^ap = ap + a{p + q). 
(S= > ) l(q) C l(p) =>• a(p + q) =a(p + q)+ ap. 

Note that we have used the contravariant version of the procedure because once we compare two 
processes offering the same set of actions the behavior of < p cs is contravariant since we have 

ap > p cs ap + aq. 

Therefore, we cannot apply the general results in (9l [H to prove the completeness of the proposed ax- 
iomatization. However, a beautiful variant of the classical proof for plain simulation will do the job. 

Theorem 3 The set of axioms s/^ s = {Bj, B2, B3, B4,S£ 5 ,S= 1CS } is a complete axiomatization for the 
simulation equivalence =cs- 

Proof. First note that p =cs q implies I(p) = I(q) and p =^ s q, and therefore we can use either =cs or 
= p cs , indistinctly. It is also routine to check the correctness of the axioms for =cs- To prove completeness, 
we show that p <£ 5 q implies s/^ s h p = p + q. Obviously, then we are done because p =cs q implies 

P ^cs a and a ~C5 P- 

We proceed by induction on the depth of p: 

• p = implies q = trivially. 

• Let p < p cs q with p — K Then we also have q and for all q' with q — > q' there exists p — > p' 
such that p' <cs 4 ■ Note that we cannot conclude p' < p cs q' since it is possible that I(p') £ I(q'), 
but then we can write q' = q" + r with I(q") = I(p') and I{r)C\I(q") = 0. It is clear that p' < p cs q" , 
so that by induction hypothesis we obtain stf^ h p' = p' + q". Then, we have s^q S h ap' = a{p' + 
q") and applying (S= 1,C5 ), s/^ s h ap' = a(p' + q") + aq", and then g/^ s h ap' = ap' + aq" . Now, 
by applying (S= S ) we have h aq" = aq" + a(q" + r), to conclude that £/^ s h ap' = ap' + aq' 
and therefore £/^ s h p = p + q. □ 
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Note that (S= 1,C5 ) is the axiom characterizing the ready simulation equivalence, from which we 
conclude that = R s C = C5 . Obviously, the reverse inclusion is false since (S£ 5 ) is not sound for =rs. 
For instance, ab =cs ab + a(b + c), but a(b + c) %rs ab. In fact, we also have a{b + c) %s ab, proving 
that =cs ^ =s- m order to obtain = R s from =cs we should strengthen the definition of the latter by 
considering ready conformance simulations defined as plain conformance simulations, but only allowing 
pairs of processes satisfying I(p) = I(q). If we denote by <#cs the generated preorder we have the 
following result. 

Proposition 5 < RCS = < R s, and therefore = RCS = =rs and < R ^ C < C5 . 

since (S= 1,CS ) is the axiom that defines ready simulation equivalence, it can be presented in an 
equivalent way avoiding the condition and thus obtaining a pure algebraic axiom. However, it is not 
clear whether axiom (S= s ) allows such a finite pure algebraic presentation, and in fact the same happens 
with the axiom (Scs) in the axiomatization of the conformance preorder. Hence, it could be the case that 
both the conformance preorder and the induced equivalence are not finitely axiomatizable using pure 
equational axioms, as is the case for ready trace semantics. 

5 Conclusions 

We have continued with the study of covariant-contravariant simulation and conformance simulation 
semantics started in lfl2l ITTTl by considering the axiomatization of the preorders and equivalences that 
they define. 

We have showed that the desired axiomatizations can be obtained from that of the plain simula- 
tion preorder, whose completeness proof can be adapted in a simple, but elegant manner to obtain the 
completeness of the new axiomatizations. Also, by applying a suitable variation of our "ready to pre- 
order" techniques (9j we have obtained the axiomatizations of the corresponding conformance simu- 
lation equivalence. Surprisingly, we also succeeded in axiomatizating the equivalence for covariant- 
contravariant simulations but only in the particular case where A bl = 0; otherwise, we proved that the 
covariant-contravariant simulation equivalence has turned out to be the second known example of a se- 
mantics whose defining preorder can be finitely axiomatized, but the induced equivalence cannot. The 
first example of such a borderline situation can be found in [5 ]. It is curious to notice that although the 
two semantics are completely different (the semantics here is quite simple since it is a plain semantics, 
while the one in Q is much more complicated), and in our case it is clear that the difficulties stem from 
the interference between bivariant and monovariant actions, the structure of the considered "counterex- 
amples" in both cases is essentially the same: there is a choice betweeen two quite long branches which 
can be can joined into a single one, but this should be done in a single step because the choice cannot 
be delayed at all, even if the beginnings of the two branches are the same. Therefore, in order to capture 
the equivalence, we would need an axiom able to "see" the (too far away) ends of the two branches, 
but this is of course impossible with a finite number of axioms since the lengths of the branches in the 
counterexamples can be arbitrarily long. 

We expect our work on the subject to contribute to a better understanding of all the complex situations 
that arise when covariant and contravariant concepts coexist. This, for example, is the case in all the 
recent works on modal, input-output or interface formalisms, that try to clarify the relationships betwen 
specifications and implementations. In fact, it is our intention to continue with this line of research by 
trying to discover, and take benefit from all the connections between our work and those cited in this 
paper. 
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